Cognex In-Sight Products Telnet Service Vulnerability Allowing Unauthorized Device Configuration Changes

A vulnerability exists in Cognex In-Sight Explorer and In-Sight Camera Firmware, specifically in versions 5.x up to and including 6.5.1. The issue arises from a telnet-based service exposed on port 23, which is intended for management operations like firmware upgrades and device reboots, but requires authentication. However, the service improperly allows users with protected privileges to invoke the SetSystemConfig functionality, enabling them to modify critical device properties such as network settings. This behavior contradicts the security model outlined in the user manual.

Impact

Exploitation of this vulnerability could lead to unauthorized changes in device configuration, particularly network settings, potentially disrupting communication or integration with other systems.

Remediation

Cognex advises users to transition to next-generation In-Sight Vision Suite-based systems, such as the In-Sight 2800, In-Sight 3800, or In-Sight 8900 series embedded cameras. For those using In-Sight Explorer, CISA recommends following general cybersecurity best practices for industrial control systems, such as minimizing network exposure and using secure remote access methods like VPNs.